Identity Enforcement

Risk is Reality: Our Take on the Recent Auth0 Vulnerability

By | Date posted: May 23, 2018

Last month, another major identity management vendor revealed a significant vulnerability. This time it was Auth0.

While conducting its own research, Cinta Infinita discovered the vulnerability in Auth0’s Legacy Lock API. The security firm noted it “was able to bypass password authentication when logging into Auth0’s Management Dashboard by forging an authentication token.”
Read more

Authentication and Authorization: Reducing The Risk While Still Enabling Collaboration

By | Date posted: September 14, 2015

At the World Economic Forum held in Davos Switzerland last January, Cisco CEO, John Chambers warned, “The number of security incidents this year will be exponentially greater than last year”. If Mr. Chambers’ words did not raise a big red flag with all developers, then the events of the past few months should. Not only are such incidents more common, they are becoming more disruptive.

Read more